Add support for Google reCAPTCHA in user registration to prevent spammers

See merge request !2216

Disable --follow in `git log` to avoid loading duplicate commit data in infinite scroll

`git` doesn't work properly when `--follow` and `--skip` are specified together. We could even be **omitting commits in the Web log** as a result.

Here are the gory details. Let's say you ran:

```
git log -n=5 --skip=2 README
```

This is the working case since it omits `--follow`. This is what happens:

1. `git` starts at `HEAD` and traverses down the tree until it finds the top-most commit relevant to README.
2. Once this is found, this commit is returned via `get_revision_1()`.
3. If the `skip_count` is positive, decrement and repeat step 2. Otherwise go onto step 4.
4. `show_log()` gets called with that commit.
5. Repeat step 1 until we have all five entries.

That's exactly what we want. What happens when you use `--follow`? You have to understand how step 1 is performed:

* When you specify a pathspec on the command-line (e.g. README), a flag `prune` [gets set here](https://github.com/git/git/blob/master/revision.c#L2351).
* If the `prune` flag is active, `get_commit_action()` determines whether the commit should be [scanned for matching paths](https://github.com/git/git/blob/master/revision.c#L2989).
* In the case of `--follow`, however, `prune` is [disabled here](https://github.com/git/git/blob/master/revision.c#L2350).
* As a result, a commit is never scanned for matching paths and therefore never pruned. `HEAD` will always get returned as the first commit, even if it's not relevant to the README.
* Making matters worse, the `--skip` in the example above would actually skip a every other entry after `HEAD` N times. If README were changed in these skipped commits, we would actually miss information!

Since git uses a matching algorithm to determine whether a file was renamed, I
believe `git` needs to generate a diff of each commit to do this and traverse
each commit one-by-one to do this. I think that's the rationale for disabling
the `prune` functionality since you can't just do a simple string comparison.

Closes #4181, #4229, #3574, #2410

See merge request !2210

Escape all the things.

See merge request !2209

[ci skip]

Fix Error 500 when global milestones have slashes

* Closes #4226

* Closes https://github.com/gitlabhq/gitlabhq/issues/9921

See merge request !2182

Fix identity and user retrieval when special characters are used

Fixes #4023

I also added tests to make sure the user with special characters in his name is returned correctly.

@rspeicher this probably should be added to 8.3 as a patch.

See merge request !2176

Fix Error 500 when doing a search in dashboard before visiting any project

If a search turned up an issue, under certain conditions you would see this error:

```
ActionView::Template::Error (undefined method `path_with_namespace' for nil:NilClass):
     6:   - if issue.description.present?
     7:     .description.term
     8:       = preserve do
     9:         = search_md_sanitize(markdown(issue.description))
    10:   %span.light
    11:     #{issue.project.name_with_namespace}
    12:   - if issue.closed?
  lib/gitlab/markdown/upload_link_filter.rb:36:in `build_url'
  lib/gitlab/markdown/upload_link_filter.rb:31:in `process_link_attr'
  lib/gitlab/markdown/upload_link_filter.rb:18:in `block in call'
  lib/gitlab/markdown/upload_link_filter.rb:17:in `call'
  lib/gitlab/markdown.rb:127:in `gfm'
  lib/gitlab/markdown.rb:24:in `render'
  app/helpers/gitlab_markdown_helper.rb:61:in `markdown'
  app/views/search/results/_issue.html.haml:9:in `block in _app_views_search_results__issue_html_haml__4127460390996300432_59973760'
  app/views/search/results/_issue.html.haml:8:in `_app_views_search_results__issue_html_haml__4127460390996300432_59973760'
  app/views/search/_results.html.haml:20:in `_app_views_search__results_html_haml__589475855773452465_61761440'
  app/views/search/show.html.haml:5:in `_app_views_search_show_html_haml___1852335078065998536_69780120'
```

Confirmed this is issue still happens in GitLab 8.4, and it also happens on GitLab.com. Here's how to reproduce:

1. Login in a new browser.
2. Enter a search term on the top right that will land a hit in the "Issues" (e.g. GitLab).
3. Click on "Issues" tab. You should get an Error 500.

The issue is that @project isn't assigned to anything.

See merge request !2110

Fix method that ensures authentication token

Until now, `ensure_#{token_filed_name}!` method didn't persist new token in database.

This closes #4235.

See merge request !2185

Fix and test leave project display

The 'Leave this project' display on project page was broken. It was calling the method incorrectly, which returned `nil` and displayed nothing. 

This fixes the display and also adds 2 different tests for it.

cc/ @jvanbaarsen @stanhu Please review and merge if you think it looks good. Thank you!

See merge request !2166

Sidekiq-cron configuration moved to gitlab.yml

When `sidekiq-cron` was introduced, jobs configuration where placed
in `schedule.yml` file.

As discussed in #3928, this is not desirable. 
We moved it to `gitlab.yml`, exposing only the "cron" part of the configuration.

See merge request !2087

Fix MR 500 when viewing the MR page

Fixes #2712 

See merge request !2167

Explicitly require Nokogiri 1.6.7.1 due to security issue

```
Name: nokogiri
Version: 1.6.7
Advisory: CVE-2015-5312
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
Title: Nokogiri gem contains several vulnerabilities in libxml2
Solution: upgrade to >= 1.6.7.1
```

See merge request !2154

Allow admin to create new user identities

Fixes #2442 

See merge request !2077

Fix issue related cross-project MRs

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/4188

See merge request !2163

Allow account unlock via email

We see a lot of users get confused about what it means when your account gets
locked. Many try to reset their password and are still faced with a lockout.
With this change, users receive an email that allows them to unlock their
account immediately. The previous behavior where the account is auto-unlocked
after a time also still works.

See merge request !2049

Backport JIRA service

Fixes #3839 

Move EE JIRA functionality back to CE.

- [x] Make it function in manual testing
- [x] Migrate JIRA-specific tests
- [x] Tests pass
- [x] Migrate documentation
- [x] Rollback to previous CE JIRA integration locally, activate on a project then try to migrate db and see if integration still works.
- [x] Final EE search for JIRA references

See merge request !2146

Remove CI_BUILD_BEFORE_SHA from CI documentation

As pointed in #3210, the environment variable isn't usable any more.

See merge request !2118

Clarify Windows shell executor artifact upload support

@ayufan noted that the runner does not support artifact upload for Windows shell executor. This adds a note so users aren't confused.

See merge request !2142

Don't create CI status for refs that doesn't have .gitlab-ci.yml, even if the builds are enabled

Fixes #3827 
Fixes #4157

/cc @grzesiek @dblessing 

See merge request !2139

Do not display project group/name when issue and MR are in same project

I noticed that things seem a bit cluttered for related merge requests
when displaying the group/project name for every item, even when it's
in the same project.

For merge requests that are in the same project as the issue we probably
don't need to display the 'in group / name' bit.

See merge request !2141

Bump Rack Attack to v4.3.1 for security fix

https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1

See merge request !2153

https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1

Remove extra spaces after branchname

See merge request !2152

Fix merge-request-reopen button title

Closes #4069

See merge request !2147

Add new branch and tag action to tree dropdown

Right now, creating a branch or tag is only possible on the project page dropdown or on the commits page. This merge request both actions to the tree header dropdown. Now all repository web actions are available in this one location, plus the existing ones. It makes the operations a lot more intuitive.

## Existing Tree/Repository dropdown:

![Screen_Shot_2015-12-17_at_2.38.50_PM](/uploads/4d83a4b518093ea85f0859b385abcc7c/Screen_Shot_2015-12-17_at_2.38.50_PM.png)

## New Tree/Repository dropdown:

![Screen_Shot_2015-12-17_at_2.32.28_PM](/uploads/1fc18a511774630c5078a7d5c0fbb5b6/Screen_Shot_2015-12-17_at_2.32.28_PM.png)'

See merge request !2144

Remove duplicate entry in the changelog

/cc @DouweM 

See merge request !2149

Closes #4069

Use gitlab-shell 2.6.9

See merge request !2143